pam + cifs authentication

    The problem with cifs or smbfs/smb/samba is that mounting a cifs filesystems requires a password. As one assumes you already have a central password repository like ldap, NT Domain or nis the password for the cifs smbfs is the same as for the local system.

    When logging in the problem is the transfer of the password from the Password: prompt to the automounter autofs. To get this to work i wrote a pam module called libpam-storepw. The aim of this module is to create an smbmount credential file like this:

    username = flo
    password = secret

    To get libpam-storepw called you need to modify the pam files for the login methods you want to support. As an example here is the ssh version:

    auth       required
    auth       required
    auth       required
    auth       required

    Now you need to setup your auto.master:

    /home                   /etc/auto.home

    and a auto.home.

    *       -fstype=smbfs,uid=&,dmask=700,gid=1000,credentials=/var/run/pw/& ://samba/homes